I'm working with a local file which I always extract from a password protected archive (RAR), do some modifications/additions to it and overwrite the old file inside the archive with the new file (I don't overwrite the archive. I overwrite the file inside it). The RAR is password protected for certain confidentiality reasons, and I need it to be that way.

I considered using Git for version control, but from my first use of Git, it appears to be meant for files that are not archived. I wanted to version control my RAR file. But what if I decide to add more files to the RAR and then commit the RAR? Doesn't that ruin the point of having version control where you can also do a diff to compare versions etc.? Does it make sense to use a version control when I'm extracting files from the RAR to do modifications and then putting them back in the RAR and committing the RAR?

Is version control the right way to do this or is there something better?

I would consider not putting the RAR file into version control. If you want to have diff/compare capabilities, it is much better to put your (text?) files into version control. If you need that RAR file, create a script to build the RAR file from scratch in a reproducible manner. Put that script also into version control.

Concerning confidentiality: I would use an encrypted file system, for example something like TrueCrypt, for your local files (your clear-text working copy and also the git repository).

If all you have in your repo is a rar-ed file, you lose pretty much all the benefits of a sophisticated version control system, such as branching / merging, diffs, efficient differential storage, etc. If you want to keep going down that road, then you don't really need a version control system - a directory of RAR files will do exactly the same for you (minus the IDE integration, but you can easily script your way out of that one).

If you do want to leverage the benefits of source control, here's what you can do:

Set up a dedicated machine to work on, with full-disk crypto. The machine can be a VM if you don't have a spare one lying around, as long as everything is encrypted. Make sure nobody has access to that machine except yourself. Pick strong passwords.

On that machine, set up a git repo and your development environment.

Lock down network access: your development machine should have a very restrictive set of firewall rules (and a good firewall). Most importantly, lock down all incoming traffic except what you absolutely need: there is no reason to allow incoming HTTP traffic, for example. If it's a VM running on your local workstation, you don't need any network access at all, except for downloading software updates.

Copy the RAR file to the development machine, unpack it, and put the unpacked files in your git repo.

Whenever you need to ship a RAR, export the git repo's HEAD version and RAR it up with a suitable password, then copy it off the development machine.

This method actually has a few advantages over your current approach: the unpacked files are never written to disk unencrypted (because the entire development machine's disk is encrypted), and since the development machine serves only this one purpose, you can apply far more restrictive security measures - for example, you don't need to run a web browser (you can do that on your 'regular' machine), you don't need to read any e-mails, you don't need things like Flash, Java, etc. And if at some point you stop working on that project, you can just wipe the crypto key, and everything you ever knew about the project will be gone. Also, the encryption provided by TrueCrypt and similar full-disk crypto solutions is far better than anything RAR has to offer.

Either way, you need to decide on a threat model to defend against, and see which strategy works best.
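The build step that the two answers above describe (a script that recreates the RAR from scratch, fed from the repo's HEAD) could look like the following. This is an added example, not code from either answer; the function names and the script name are hypothetical, and it assumes git, tar and the rar command-line tool are installed.

```shell
#!/bin/sh
# Added example, not from the answers. Function names are hypothetical.
# Assumes git, tar and the rar command-line tool are on PATH.

# export_head REPO DEST: unpack the files of REPO's HEAD commit into DEST.
# git archive reads the commit, so uncommitted edits and untracked files
# in the working copy never reach the export.
export_head() {
    mkdir -p "$2" || return 1
    git -C "$1" archive --format=tar HEAD | tar -xf - -C "$2"
}

# build_rar REPO OUT: rebuild OUT from scratch out of REPO's HEAD.
build_rar() {
    repo=$1 out=$2
    # Refuse to ship when tracked files differ from HEAD, so every archive
    # corresponds to exactly one commit.
    if ! git -C "$repo" diff --quiet HEAD; then
        echo "build_rar: uncommitted changes in $repo" >&2
        return 1
    fi
    # mktemp -d creates a directory only the current user can read. Keep
    # TMPDIR on the encrypted disk, since the files are plaintext here.
    stage=$(mktemp -d) || return 1
    if ! export_head "$repo" "$stage"; then
        rm -rf "$stage"
        return 1
    fi
    rm -f "$out"    # never update an old archive in place
    # a    add files to the archive
    # -hp  encrypt file data and headers (file names); with no password
    #      given, rar prompts, keeping it out of argv and shell history
    # -r   recurse into subdirectories
    # -ep1 leave the staging directory out of the stored paths
    # The shell glob skips top-level dotfiles such as .gitignore.
    rc=0
    rar a -hp -r -ep1 "$out" "$stage"/* || rc=$?
    rm -rf "$stage"
    return "$rc"
}

# Usage: sh build-rar.sh /path/to/repo /path/to/out.rar
if [ "$#" -eq 2 ]; then
    build_rar "$1" "$2"
fi
```

Committing this script alongside the files means the archive can always be regenerated from any commit, so the RAR itself never needs to be tracked.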

If all you're doing is overwriting files, it's not really version control. You use Version Control for different versions, releases, builds, etc. of a project.

I think you're looking at this the wrong way. Is there any reason why the rar file can't be unpacked and the files uploaded into a password protected project at any number of git/subversion hosts that offer a free project?

This should allow you to set up a local Subversion repo on Windows. Any Subversion IDE integration should work. I know AnkhSVN for VS does. You can control access and require login to access it. This will allow an actual version control for you, but still enable you to keep everything local and be secure.

Edit #2: Merely overwriting files isn't a best practice. You have nothing to fall back on should you destroy functionality while trying to improve it.